-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from negz/main
Scaffold out the project
- Loading branch information
Showing
23 changed files
with
2,372 additions
and
20 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
--- | ||
name: Bug Report | ||
about: Help us diagnose and fix bugs in Crossplane | ||
labels: bug | ||
--- | ||
<!-- | ||
Thank you for helping to improve Crossplane! | ||
Please be sure to search for open issues before raising a new one. We use issues | ||
for bug reports and feature requests. Please find us at https://slack.crossplane.io | ||
for questions, support, and discussion. | ||
--> | ||
|
||
### What happened? | ||
<!-- | ||
Please let us know what behaviour you expected and how Crossplane diverged from | ||
that behaviour. | ||
--> | ||
|
||
|
||
### How can we reproduce it? | ||
<!-- | ||
Help us to reproduce your bug as succinctly and precisely as possible. Artifacts | ||
such as example manifests or a script that triggers the issue are highly | ||
appreciated! | ||
--> | ||
|
||
### What environment did it happen in? | ||
Crossplane version: | ||
|
||
<!-- | ||
Include at least the version or commit of Crossplane you were running. Consider | ||
also including your: | ||
* Cloud provider or hardware configuration | ||
* Kubernetes version (use `kubectl version`) | ||
* Kubernetes distribution (e.g. Tectonic, GKE, OpenShift) | ||
* OS (e.g. from /etc/os-release) | ||
* Kernel (e.g. `uname -a`) | ||
--> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
--- | ||
name: Feature Request | ||
about: Help us make Crossplane more useful | ||
labels: enhancement | ||
--- | ||
<!-- | ||
Thank you for helping to improve Crossplane! | ||
Please be sure to search for open issues before raising a new one. We use issues | ||
for bug reports and feature requests. Please find us at https://slack.crossplane.io | ||
for questions, support, and discussion. | ||
--> | ||
|
||
### What problem are you facing? | ||
<!-- | ||
Please tell us a little about your use case - it's okay if it's hypothetical! | ||
Leading with this context helps frame the feature request so we can ensure we | ||
implement it sensibly. | ||
---> | ||
|
||
### How could Crossplane help solve your problem? | ||
<!-- | ||
Let us know how you think Crossplane could help with your use case. | ||
--> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
<!-- | ||
Thank you for helping to improve Crossplane! | ||
Please read through https://git.io/fj2m9 if this is your first time opening a | ||
Crossplane pull request. Find us in https://slack.crossplane.io/messages/dev if | ||
you need any help contributing. | ||
--> | ||
|
||
### Description of your changes | ||
|
||
<!-- | ||
Briefly describe what this pull request does. Be sure to direct your reviewers' | ||
attention to anything that needs special consideration. | ||
We love pull requests that resolve an open Crossplane issue. If yours does, you | ||
can uncomment the below line to indicate which issue your PR fixes, for example | ||
"Fixes #500": | ||
--> | ||
Fixes # | ||
|
||
I have: | ||
|
||
- [ ] Read and followed Crossplane's [contribution process]. | ||
- [ ] Run `make reviewable` to ensure this PR is ready for review. | ||
|
||
### How has this code been tested | ||
|
||
<!-- | ||
Before reviewers can be confident in the correctness of this pull request, it | ||
needs to tested and shown to be correct. Briefly describe the testing that has | ||
already been done or which is planned for this change. | ||
--> | ||
|
||
[contribution process]: https://git.io/fj2m9 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,104 @@ | ||
{ | ||
"$schema": "https://docs.renovatebot.com/renovate-schema.json", | ||
"extends": [ | ||
"config:base", | ||
"helpers:pinGitHubActionDigests" | ||
], | ||
// We only want renovate to rebase PRs when they have conflicts, | ||
// default "auto" mode is not required. | ||
"rebaseWhen": "conflicted", | ||
// The maximum number of PRs to be created in parallel | ||
"prConcurrentLimit": 5, | ||
"postUpdateOptions": ["gomodTidy"], | ||
// By default renovate will auto detect whether semantic commits have been used | ||
// in the recent history and comply with that, we explicitly disable it | ||
"semanticCommits": "disabled", | ||
// All PRs should have a label | ||
"labels": ["automated"], | ||
"regexManagers": [ | ||
{ | ||
"description": "Bump Go version ued in workflows", | ||
"fileMatch": ["^\\.github\\/workflows\\/[^/]+\\.ya?ml$"], | ||
"matchStrings": [ | ||
"GO_VERSION: '(?<currentValue>.*?)'\\n" | ||
], | ||
"datasourceTemplate": "golang-version", | ||
"depNameTemplate": "golang" | ||
}, { | ||
"description": "Bump golangci-lint version in workflows and the Makefile", | ||
"fileMatch": ["^\\.github\\/workflows\\/[^/]+\\.ya?ml$","^Makefile$"], | ||
"matchStrings": [ | ||
"GOLANGCI_VERSION: 'v(?<currentValue>.*?)'\\n", | ||
"GOLANGCILINT_VERSION = (?<currentValue>.*?)\\n" | ||
], | ||
"datasourceTemplate": "github-tags", | ||
"depNameTemplate": "golangci/golangci-lint", | ||
"extractVersionTemplate": "^v(?<version>.*)$" | ||
}, { | ||
"description": "Bump Go required version in workflows and the Makefile", | ||
"fileMatch": ["^\\.github\\/workflows\\/[^/]+\\.ya?ml$", "^Makefile$"], | ||
"matchStrings": [ | ||
"GO_REQUIRED_VERSION = (?<currentValue>.*?)\\n", | ||
], | ||
"datasourceTemplate": "golang-version", | ||
"depNameTemplate": "golang", | ||
"versioningTemplate": "loose", | ||
"extractVersionTemplate": "^(?<version>\\d+\\.\\d+)" | ||
} | ||
], | ||
// PackageRules disabled below should be enabled in case of vulnerabilities | ||
"vulnerabilityAlerts": { | ||
"enabled": true | ||
}, | ||
"osvVulnerabilityAlerts": true, | ||
"packageRules": [ | ||
{ | ||
"description": "Only get docker image updates every 2 weeks to reduce noise", | ||
"matchDatasources": ["docker"], | ||
"schedule": ["every 2 week on monday"], | ||
"enabled": true, | ||
}, { | ||
"description": "Ignore k8s.io/client-go older versions, they switched to semantic version and old tags are still available in the repo", | ||
"matchDatasources": [ | ||
"go" | ||
], | ||
"matchDepNames": [ | ||
"k8s.io/client-go" | ||
], | ||
"allowedVersions": "<1.0" | ||
}, { | ||
"description": "Only get dependency digest updates every month to reduce noise", | ||
"matchDatasources": [ | ||
"go" | ||
], | ||
"matchUpdateTypes": [ | ||
"digest", | ||
], | ||
"extends": ["schedule:monthly"], | ||
}, { | ||
"description": "Single PR for all kubernetes dependency updates, as they usually are all linked", | ||
"matchDatasources": [ | ||
"go" | ||
], | ||
"groupName": "kubernetes deps", | ||
"matchUpdateTypes": [ | ||
"major", | ||
"minor", | ||
"patch" | ||
], | ||
"matchPackagePrefixes": [ | ||
"k8s.io", | ||
"sigs.k8s.io" | ||
] | ||
}, { | ||
"description": "Ignore oss-fuzz, it's not using tags, we'll stick to master", | ||
"matchDepTypes": [ | ||
"action" | ||
], | ||
"matchDepNames": [ | ||
"google/oss-fuzz" | ||
], | ||
"enabled": false | ||
} | ||
] | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
# Configuration for probot-stale - https://github.com/probot/stale | ||
|
||
# Number of days of inactivity before an Issue or Pull Request becomes stale | ||
daysUntilStale: 90 | ||
|
||
# Number of days of inactivity before a stale Issue or Pull Request is closed. | ||
# Set to false to disable. If disabled, issues still need to be closed manually, but will remain marked as stale. | ||
daysUntilClose: 7 | ||
|
||
# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable | ||
exemptLabels: | ||
- security | ||
|
||
# Set to true to ignore issues in a project (defaults to false) | ||
exemptProjects: false | ||
|
||
# Set to true to ignore issues in a milestone (defaults to false) | ||
exemptMilestones: false | ||
|
||
# Label to use when marking as stale | ||
staleLabel: wontfix | ||
|
||
# Comment to post when marking as stale. Set to `false` to disable | ||
markComment: > | ||
This issue has been automatically marked as stale because it has not had | ||
recent activity. It will be closed if no further activity occurs. Thank you | ||
for your contributions. | ||
# Comment to post when closing a stale Issue or Pull Request. | ||
closeComment: > | ||
This issue has been automatically closed due to inactivity. Please re-open | ||
if this still requires investigation. | ||
# Limit the number of actions per hour, from 1-30. Default is 30 | ||
limitPerRun: 30 | ||
|
||
# Limit to only `issues` or `pulls` | ||
only: issues |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
name: Backport | ||
|
||
on: | ||
# NOTE(negz): This is a risky target, but we run this action only when and if | ||
# a PR is closed, then filter down to specifically merged PRs. We also don't | ||
# invoke any scripts, etc from within the repo. I believe the fact that we'll | ||
# be able to review PRs before this runs makes this fairly safe. | ||
# https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ | ||
pull_request_target: | ||
types: [closed] | ||
# See also commands.yml for the /backport triggered variant of this workflow. | ||
|
||
jobs: | ||
# NOTE(negz): I tested many backport GitHub actions before landing on this | ||
# one. Many do not support merge commits, or do not support pull requests with | ||
# more than one commit. This one does. It also handily links backport PRs with | ||
# new PRs, and provides commentary and instructions when it can't backport. | ||
# The main gotchas with this action are that it _only_ supports merge commits, | ||
# and that PRs _must_ be labelled before they're merged to trigger a backport. | ||
open-pr: | ||
runs-on: ubuntu-22.04 | ||
if: github.event.pull_request.merged | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 | ||
with: | ||
fetch-depth: 0 | ||
|
||
- name: Open Backport PR | ||
uses: zeebe-io/backport-action@bd68141f079bd036e45ea8149bc9d174d5a04703 # v1.4.0 | ||
with: | ||
github_token: ${{ secrets.GITHUB_TOKEN }} | ||
github_workspace: ${{ github.workspace }} |
Oops, something went wrong.